[wp-hackers] Spam load

Brian Layman Brian at TheCodeCave.com
Wed Dec 27 21:47:42 GMT 2006

MM said "Welcome to 2005!":
MM> I just got deja vu:
MM> It stopped working about a week later.
In 2005 Matt said: "The plugin works by embedding a random hidden field in
the comment form that is then checked for on posting."

I was going to protest that this is a different concept, but the defeat for
it isn't any different at all is it?  Whether you change the submission page
or add a hidden field, the defeat is still to load the page and process it
for an appropriate value.  No matter how you cut it, that's trivial to
defeat.  It might work for one small, individual blog, but the moment it is
shared, it will be worth defeating.  


It's a bit like cheats in the FPS realm.  They are only effective until they
are shared with someone.  From then on it is only a matter of time till
PunkBuster finds it and defeats it.  Only in this case the roles of the good
guys and the bad guys are reversed.  It's the good guys who are looking for
the technological advantage and the bad guys are looking to eliminate it.
On my VBulletin forum, the built in CAPTCHA routine is defeated regularly
and that is very annoying especially because it is someone who is doing it
from spam free routines.  BTW: Would you mind if I wrote an Akismet plugin
for VBulletin?  I'd asked you/Akismet that once before via email, but never
got a response. 

> None of these do anything for trackback spam.

Yeah, that's a problem.  You WANT trackbacks and pingbacks to be as simple
as possible because that's how you build a network of blogs.  

Brian Layman

More information about the wp-hackers mailing list